Through Web Application Security, you can view and manage signature files and signature file updates centrally for multiple BIG-IP^® devices. For each signature file, the system displays the file name, the file version, the version of BIG-IP with which it is compatible, and its source. You can also update certain signature file settings. By managing signature files from the BIG-IQ^® Centralized Management platform, the administrator can spend less time on signature updates, and can view the signatures update information in a single central location. The BIG-IP system includes an attack signature pool and a bot signature pool. These pools include the system-supplied attack signatures and bot signatures, which are shipped with the BIG-IP Application Security Manager, and any user-defined signatures.

Web Application Security fetches all new and relevant signature files from an external server, which may use a proxy. You can configure a proxy from the BIG-IQ Centralized Management system ( System > PROXIES ). The BIG-IQ Centralized Management system can then push the signature files to the relevant BIG-IP device or devices. It displays the signature version for each device.

Web Application Security signature file processing, such as importing, downloading, installing (pushing to devices), and deleting signature files, requires the following built-in roles, or the equivalent permissions on a custom role: Administrator, Security Manager, or Web App Security Manager.

1. Click Configuration > SECURITY > Web Application Security > Signature Files > Signature Files List .
2. To view and install a signature file, click the file name.
   The signature file properties screen opens.
3. Review the information about the signature file in the read only fields.
   • The Name setting displays the name of the signature file.
   • The Version setting displays the version of the signature file.
   • The Compatibility setting displays the BIG-IP device version that should be used with this signature file.
   • The Source setting displays the source of the signature file.
4. In the Install to Devices setting, specify which BIG-IP devices should receive the signature file by moving them from the Available Devices list to the Selected Devices list.
5. In the Install To setting, specify which grouping of BIG-IP devices should receive the signature file.
   • Select All Devices to install the signature file to all listed BIG-IP devices.
   • Select Active Devices Only to install the signature file to all listed BIG-IP devices, except for those devices that are the inactive members of a cluster.
   Once a signature file is deployed to an active clustered BIG-IP device, a synchronization task will run on the BIG-IP device cluster.
6. In the Related Devices area, review the BIG-IP devices listed.
7. Expand the Readme area to view details about the changes to the signature file.
8. Click Install to have the signature file installed on the selected BIG-IP devices.
   Or you can click Cancel to remove any changes and not install the signature file.

1. Click Configuration > SECURITY > Web Application Security > Signature Files > Signature Files List .
2. Click Settings.
   The Settings screen opens.
3. For the Remote Updates setting, select Enabled to allow remote signature file updates.
   If this setting is disabled, the other settings are not displayed.
4. In the Interval setting, select how often the scheduled update should run.
5. For the Starting at setting, specify when the scheduled update and installation should begin.
   You must specify a day after the current day.
6. Review when the Last Update occurred.
7. In the Proxy setting, select the proxy to use when retrieving signature files, or select None.
   You can configure proxies from the BIG-IQ Centralized Management system ( System > PROXIES ).
8. In the Next Update setting, review when the next update is schedules to occur.
9. In the Last Run Status setting, review the status of the last file update.
   Possible statuses include: Passed, or Failed.
10. For the Install To setting, specify which grouping of BIG-IP devices should receive the signature file.
    • Select All Devices to install the signature file to all listed BIG-IP devices.
    • Select Active Devices Only to install the signature file to all listed BIG-IP devices, except for those devices that are the inactive members of a cluster.
    Once a signature file is deployed to an active clustered BIG-IP device, a synchronization task will run on the BIG-IP device cluster.
11. Save your work.